CVE-2023-6484 Information
Description
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.
Reference
https://access.redhat.com/errata/RHSA-2024:0798 https://access.redhat.com/errata/RHSA-2024:0799 https://access.redhat.com/errata/RHSA-2024:0800 https://access.redhat.com/errata/RHSA-2024:0801 https://access.redhat.com/errata/RHSA-2024:0804 https://access.redhat.com/errata/RHSA-2024:1860 https://access.redhat.com/errata/RHSA-2024:1861 https://access.redhat.com/errata/RHSA-2024:1862 https://access.redhat.com/errata/RHSA-2024:1864 https://access.redhat.com/errata/RHSA-2024:1865 https://access.redhat.com/errata/RHSA-2024:1866 https://access.redhat.com/errata/RHSA-2024:1867 https://access.redhat.com/errata/RHSA-2024:1868 https://access.redhat.com/security/cve/CVE-2023-6484 https://bugzilla.redhat.com/show_bug.cgi?id=2248423
Share on: